package com.itqf.shiro;

import com.itqf.bean.DtsAdmin;
import com.itqf.constants.AdminConstant;
import com.itqf.service.DtsAdminService;
import com.itqf.service.DtsPermissionService;
import com.itqf.service.DtsRoleService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.Collection;

/**
 * projectName: store_parent
 *
 * @author: 赵伟风
 * time: 2021/6/7 16:55
 * description: realm读取正确的数据!
 *     认证: 密码 盐
 *     授权: 角色 权限
 */
public class AuthorizationRealm extends AuthorizingRealm {

    @Autowired
    private DtsAdminService adminService;

    @Autowired
    private DtsRoleService roleService;

    @Autowired
    private DtsPermissionService permissionService;


    Logger  logger = LoggerFactory.getLogger(AuthorizationRealm.class);

    /**
     * 授权,就是读取角色和权限,给securityManager
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

        logger.info("[授权]开始,时间:{}",System.currentTimeMillis());

        //1.获取用户信息
        DtsAdmin admin = (DtsAdmin) principalCollection.getPrimaryPrincipal();

        if (admin == null) {
            logger.error("[授权]失败! admin为null导致!");
            return null;
        }

        Integer[] roleIds = admin.getRoleIds();

        if (roleIds == null && roleIds.length == 0) {

            logger.error("[授权]失败! 用户{},对应的ids为null导致!",admin.getUsername());
            return null;
        }

        //2.读取角色
        Collection<String> roleNames = roleService.findRoleNames(roleIds);
        //3.读取权限
        Collection<String> permissionNames = permissionService.findPermissionNames(roleIds);

        //4.配置返回结果info
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addRoles(roleNames);
        info.addStringPermissions(permissionNames);

        logger.info("[授权]结束,时间:{}",System.currentTimeMillis());

        return info;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        logger.info("[认证]开始,时间:{}",System.currentTimeMillis());

        //1.获取用户输入的凭证
        String username = (String) authenticationToken.getPrincipal();

        if (username == null) {
            logger.error("[认证]失败! username为null导致!");
            return null;
        }
        //2.根据凭证进行数据库查询
        DtsAdmin admin = adminService.findAdminByUserName(username);

        if (admin == null) {
            logger.error("[认证]失败! username为{},但是数据库没有对应的数据!",username);
            return null;
        }

        //3.不为空,进行AuthenticationInfo信息装配
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(admin,admin.getPassword(),
                ByteSource.Util.bytes(AdminConstant.ADMIN_SLAT),"myrealm");

        logger.info("[认证]结束,时间:{}", System.currentTimeMillis());

        return info;
    }
}
